Identity information controlled financial account device

ABSTRACT

A processing unit and a mobile identity information controlled financial account device may communicate. The processing unit receives at least one digital representation of a biometric, obtains identity information using the at least one digital representation of the biometric, and determines whether or not to transmit an authorization signal to the mobile identity information controlled financial account device that enables use of the mobile identity information controlled financial account device in at least one transaction involving at least one financial account. The mobile identity information controlled financial account device may be usable for the at least one transaction when the mobile identity information controlled financial account device receives the authorization signal. The processing unit may also receive a first digital representation of a biometric for a first person along with at least one permission to assign regarding the mobile identity information controlled financial account device for a second person.

CROSS-REFERENCE TO RELATED

This application is a continuation patent application of U.S. patentapplication Ser. No. 16/803,879, filed Feb. 27, 2020 and titled“Identity Information Controlled Financial Account Device,” thedisclosure of which is hereby incorporated herein by reference in itsentirety.

FIELD

The described embodiments relate generally to financial account devices.More particularly, the present embodiments relate to financial accountdevices that are controlled using identity information.

BACKGROUND

People use a wide variety of different devices. Examples of such devicesinclude desktop computing devices, laptop computing devices, mobilecomputing devices, wearable devices, smart phones, tablet computingdevices, financial account devices, printers, displays, televisions,digital media players, thermostats, kitchen appliances, vehicles,vaporizer devices, navigation devices, entertainment devices, powertools, climate control devices, lighting devices, security devices,smart houses or other smart buildings, electronic devices, and so on.

The use of some devices may be controlled. In some cases, only peoplewith certain identity information associated with their identities (suchas age, name, financial status, criminal status, personal history, andso on) may be allowed to operate a device and/or to operate certainfunctions of a device. For example, in various situations, operation ofa vehicle may be restricted to people who are at least sixteen years ofage.

SUMMARY

The present disclosure relates to authorizing a mobile identityinformation controlled financial account device. A processing unit and amobile identity information controlled financial account device maycommunicate directly or indirectly. The processing unit may receive atleast one digital representation of a biometric (such as via a biometricreader device included in and/or separate from the mobile identityinformation controlled financial account device), obtain identityinformation using the at least one digital representation of thebiometric (such as via an identity system device), and determine whetheror not to transmit an authorization signal to the mobile identityinformation controlled financial account device that enables use of themobile identity information controlled financial account device in atleast one transaction involving at least one financial account (such aswhen the mobile identity information controlled financial account deviceis presented to a payment accepting device associated with the at leastone transaction). The mobile identity information controlled financialaccount device may be usable for the at least one transaction when themobile identity information controlled financial account device receivesthe authorization signal. The processing unit may also receive a firstdigital representation of a biometric for a first person along with atleast one permission to assign regarding the mobile identity informationcontrolled financial account device and then determine whether or not toauthorize use of the mobile identity information controlled financialaccount device when a second digital representation of a biometric for asecond person is received.

In various embodiments, a system for authorizing a mobile identityinformation controlled financial account device includes anon-transitory storage medium that stores instructions, a biometricreader device, at least one communication unit, and a processor. Theprocessor executes the instructions to communicate with the mobileidentity information controlled financial account device using the atleast one communication unit; receive at least one digitalrepresentation of a biometric using the biometric reader device; obtainidentity information from an identity system device, via the at leastone communication unit, using the at least one digital representation ofthe biometric; and determine whether to transmit an authorization signalto the mobile identity information controlled financial account deviceusing the at least one communication unit based on the identityinformation wherein the authorization signal enables use of the mobileidentity information controlled financial account device in at least onetransaction involving at least one financial account.

In some examples, the at least one communication unit is a short-rangecommunication unit and a long-range communication unit, the processorcommunicates with the mobile identity information controlled financialaccount device using the short-range communication unit, and theprocessor obtains the identity information from the identity systemdevice using the long-range communication unit. In variousimplementations of such examples, the short-range communication unit isat least one of a near-field communication unit, a Bluetoothcommunication unit, or a Bluetooth Low Energy communication unit and thelong-range communication unit is a WiFi communication unit or a cellularcommunication unit.

In a number of examples, the mobile identity information controlledfinancial account device is configured to deauthorize after receivingthe authorization signal if the communication between the mobileidentity information controlled financial account device and the atleast one communication unit is interrupted. In some examples, theidentity information includes at least one permission and the processordetermines whether to transmit the authorization signal based on the atleast one permission. In a number of implementations of such examples,the at least one permission restricts at least one of a transactiontime, a transaction place, a transaction subject, a transaction amount,an aggregate transaction amount, or an aggregate number of transactions.In various examples, the processor receives transaction information forthe at least one transaction and evaluates the transaction informationin determining whether to transmit the authorization signal.

In some embodiments, a mobile identity information controlled financialaccount device includes a non-transitory storage medium that storesinstructions, a communication unit operative to communicate with anenabling device, and a controller. The controller executes theinstructions to obtain at least one digital representation of abiometric, transmit the at least one digital representation of thebiometric to the enabling device using the communication unit, anddetermine whether to authorize use of the mobile identity informationcontrolled financial account device in at least one transactioninvolving at least one financial account based on identity informationobtained by the enabling device from an identity system device using theat least one digital representation of the biometric.

In various examples, the controller determines to authorize use of themobile identity information controlled financial account device andtransmits an authorization indication to a payment accepting device forthe at least one transaction.

In some examples, the mobile identity information controlled financialaccount device further includes a biometric reader device that thecontroller uses to obtain the at least one digital representation of thebiometric. In a number of examples of such implementations, the at leastone digital representation of the biometric is a first digitalrepresentation of a biometric and the controller is operative to receivea second digital representation of a biometric via the biometric readerdevice and deauthorize use of the mobile identity information controlledfinancial account device when the second digital representation of thebiometric mismatches the first digital representation of the biometric.In some implementations of such examples, the controller attempts toreauthorize use of the mobile identity information controlled financialaccount device by transmitting the second digital representation of thebiometric to the enabling device using the communication unit.

In a number of examples, the controller deauthorizes operation of themobile identity information controlled financial account device uponinterruption of communication with the enabling device.

In various embodiments, a system for authorizing a mobile identityinformation controlled financial account device includes anon-transitory storage medium that stores instructions, at least onebiometric reader device, at least one communication unit, and aprocessor. The processor executes the instructions to communicate withthe mobile identity information controlled financial account deviceusing the at least one communication unit; receive a first digitalrepresentation of a biometric for a first person using the at least onebiometric reader device; receive at least one permission from the firstperson to assign regarding the mobile identity information controlledfinancial account device; receive a second digital representation of abiometric for a second person using the at least one biometric readerdevice; obtain identity information from an identity system device, viathe at least one communication unit, using the second digitalrepresentation of the biometric for the second person; and determinewhether to transmit an authorization signal to the mobile identityinformation controlled financial account device using the at least onecommunication unit based on the identity information and the at leastone permission wherein the authorization signal enables use of themobile identity information controlled financial account device in atleast one transaction involving at least one financial account.

In some examples, the first digital representation of the biometric forthe first person and the second digital representation of the biometricfor the second person are received from a same electronic device thatincludes the at least one biometric reader device.

In a number of examples, the first digital representation of thebiometric for the first person is received from a first electronicdevice that includes a first biometric reader device and the seconddigital representation of the biometric for the second person isreceived from a second electronic device that includes a secondbiometric reader device. In some implementations of such examples, theprocessor requests the second digital representation of the biometricfor the second person from the second electronic device upon receipt ofthe at least one permission. In various implementations of suchexamples, the mobile identity information controlled financial accountdevice is configured to deauthorize after receiving the authorizationsignal upon interruption of communication between the mobile identityinformation controlled financial account device and the at least onecommunication unit.

In some examples, the at least one permission is temporary. In variousexamples, the at least one permission specifies transactionrestrictions.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will be readily understood by the following detaileddescription in conjunction with the accompanying drawings, wherein likereference numerals designate like structural elements.

FIG. 1 depicts a first example system for authorizing a mobile identityinformation controlled device.

FIG. 2 depicts a flow chart illustrating a first example method forauthorizing a mobile identity information controlled device. This methodmay be performed by the system of FIG. 1 .

FIG. 3 depicts a second example system for authorizing a mobile identityinformation controlled device.

FIG. 4 depicts a flow chart illustrating a second example method forauthorizing a mobile identity information controlled device. This methodmay be performed by the system of FIG. 3 .

FIG. 5 depicts a flow chart illustrating a third example method forauthorizing a mobile identity information controlled device. This methodmay be performed by the system of FIG. 3 .

FIG. 6 depicts a flow chart illustrating a fourth example method forauthorizing a mobile identity information controlled device. This methodmay be performed by the system of FIG. 3 .

FIG. 7 depicts a third example system for authorizing a mobile identityinformation controlled device.

FIG. 8 depicts a fourth example system for authorizing a mobile identityinformation controlled device.

FIG. 9 depicts a fifth example system for authorizing a mobile identityinformation controlled device.

FIG. 10 depicts a sixth example system for authorizing a mobile identityinformation controlled device.

FIG. 11 depicts a seventh example system for authorizing a mobileidentity information controlled device.

FIG. 12 depicts an eighth example system for authorizing a mobileidentity information controlled device.

FIG. 13 depicts a flow chart illustrating a fifth example method forauthorizing a mobile identity information controlled device. This methodmay be performed by one or more of the systems of FIGS. 7-12 .

FIG. 14 depicts a flow chart illustrating a sixth example method forauthorizing a mobile identity information controlled device. This methodmay be performed by one or more of the systems of FIGS. 7-12 .

FIG. 15 depicts a first example system for authorizing a mobile identityinformation controlled financial account device.

FIG. 16 depicts a flow chart illustrating a first example method forauthorizing a mobile identity information controlled financial accountdevice. This method may be performed by one or more of the systems ofFIGS. 15 and 18-22B.

FIG. 17 depicts a flow chart illustrating a second example method forauthorizing a mobile identity information controlled financial accountdevice. This method may be performed by one or more of the systems ofFIGS. 15 and 18-22B.

FIG. 18 depicts a second example system for authorizing a mobileidentity information controlled financial account device.

FIG. 19 depicts a third example system for authorizing a mobile identityinformation controlled financial account device.

FIG. 20 depicts a fourth example system for authorizing a mobileidentity information controlled financial account device.

FIG. 21 depicts a fifth example system for authorizing a mobile identityinformation controlled financial account device.

FIG. 22A depicts a sixth example system for authorizing a mobileidentity information controlled financial account device.

FIG. 22B depicts the system of FIG. 22A as the second person attempts toaccept authorization to use the mobile identity information controlledfinancial account device.

DETAILED DESCRIPTION

Reference will now be made in detail to representative embodimentsillustrated in the accompanying drawings. It should be understood thatthe following descriptions are not intended to limit the embodiments toone preferred embodiment. To the contrary, it is intended to coveralternatives, modifications, and equivalents as can be included withinthe spirit and scope of the described embodiments as defined by theappended claims.

The description that follows includes sample systems, apparatuses,methods, and computer program products that embody various elements ofthe present disclosure. However, it should be understood that thedescribed disclosure may be practiced in a variety of forms in additionto those described herein.

Financial account devices may include any kind of device that may beused to perform one or more functions related to one or more financialaccounts. Examples of such financial account devices may include creditcards, debit cards, smart cards, rewards account cards, loyalty accountcards, gift cards, mobile and/or other computing devices usable toperform one or more functions related to one or more financial accounts,and so on. Examples of such financial accounts may include one or morecredit card accounts, checking accounts, savings accounts, rewardsaccounts, loyalty accounts, airline miles accounts, insurance accounts,and so on. Examples of functions that may be performed related to one ormore financial accounts may include paying for one or more transactionsusing the one or more financial accounts, updating information relatedto one or more financial accounts, assigning and/or updating one or morepermissions regarding one or more functions that one or more people mayperform using one or more financial accounts and/or one or morefinancial account devices, and so on.

Controlling the use of financial account devices may prove challenging.In many situations, control may involve a payment accepting device (suchas a merchant point of sale system) contacting a financial accountissuer to verify that a financial account is currently valid for makingpayments upon presentation of a financial account device. However, thismay place hardware, software, and other burdens on financial accountissuer systems in order to constantly handle and respond to verificationrequests. Further, this may also place similar burdens on systemsassociated with the payment accepting device related to constantlycommunicating with the financial account issuer systems. Even temporaryissues that may prevent communication between systems associated withthe payment accepting device and the financial account issuer systemsmay prevent any kind of verification.

Additionally, this approach may be limited to verifying financialaccount validity and may not provide significant functionality relatingto whether or not the person presenting the financial account device isauthorized to do so, what permissions that person has, and so on.Personnel associated with the payment accepting device may be limited tochecking that the person presenting the financial account device claimsto have a name associated with the financial account (such as printed onthe financial account device), verifying that the person has proof ofidentification (such as a driver's license or the like) bearing a samename as is associated with the financial account, verifying that asignature of the person matches one associated with the financialaccount, and so on. Any of these techniques may be forged and/or notreliably establish the person's permission to use the financial accountand/or the financial account device. Moreover, these techniques do notsupport the ability of an authorized person granting permissions toanother person.

In another approach, a payment accepting device may obtain a biometricfrom a person presenting a financial account device and the financialaccount issuer may receive and compare that biometric to stored dataassociated with the financial account before verifying the current validstate of the financial account and that the person is authorized to usethe financial account. However, though this provides some additionalability to evaluate whether or not the person is authorized to use thefinancial account, this still places many of the above hardware and/orsoftware system burdens on systems associated with the payment acceptingdevice and the financial account issuer. For example, this may do littleto ameliorate hardware and/or software burdens regarding systemsassociated with the payment accepting device and the financial accountissuer being configured with the ability to constantly communicate witheach other, handle requests, perform comparisons, evaluate results, andso on.

The following disclosure relates to authorizing a mobile identityinformation controlled financial account device. A processing unit and amobile identity information controlled financial account device maycommunicate directly or indirectly. The processing unit may receive atleast one digital representation of a biometric (such as via a biometricreader device included in and/or separate from the mobile identityinformation controlled financial account device), obtain identityinformation using the at least one digital representation of thebiometric (such as via an identity system device), and determine whetheror not to transmit an authorization signal to the mobile identityinformation controlled financial account device that enables use of themobile identity information controlled financial account device in atleast one transaction involving at least one financial account (such aswhen the mobile identity information controlled financial account deviceis presented to a payment accepting device associated with the at leastone transaction). The mobile identity information controlled financialaccount device may be usable for the at least one transaction when themobile identity information controlled financial account device receivesthe authorization signal. The processing unit may also receive a firstdigital representation of a biometric for a first person along with atleast one permission to assign regarding the mobile identity informationcontrolled financial account device and then determine whether or not toauthorize use of the mobile identity information controlled financialaccount device when a second digital representation of a biometric for asecond person is received.

In this way, authorization can be controlled at the mobile identityinformation controlled financial account device with a great amount ofgranularity and fidelity to specific people, for specific transactions,at specific times, and so on as would not otherwise be performable byconventional systems. This may enable a wide variety of functionalitybeyond determining whether or not a financial account is currently validand/or whether or not a person claims to have a name and/or provides asignature matching one on a card and/or otherwise associated with afinancial account. Further, this may free up systems involving paymentaccepting devices and/or financial account issuers from having toconstantly communicate with each other and/or determine financialaccount validity. As such, these systems and/or larger systems withwhich they are involved may operate more efficiently, eliminateredundant components, and/or use less hardware and/or software resourcesthan would otherwise be possible in conventional systems.

In various embodiments, a system for authorizing a mobile identityinformation controlled financial account device may include anon-transitory storage medium that stores instructions, a biometricreader device, at least one communication unit, and a processor. Theprocessor may execute the instructions to communicate with the mobileidentity information controlled financial account device using the atleast one communication unit; receive at least one digitalrepresentation of a biometric using the biometric reader device; obtainidentity information from an identity system device, via the at leastone communication unit, using the at least one digital representation ofthe biometric; and determine whether to transmit an authorization signalto the mobile identity information controlled financial account deviceusing the at least one communication unit based on the identityinformation wherein the authorization signal enables use of the mobileidentity information controlled financial account device in at least onetransaction involving at least one financial account.

In some embodiments, a mobile identity information controlled financialaccount device may include a non-transitory storage medium that storesinstructions, a communication unit operative to communicate with anenabling device, and a controller. The controller may execute theinstructions to obtain at least one digital representation of abiometric, transmit the at least one digital representation of thebiometric to the enabling device using the communication unit, anddetermine whether to authorize use of the mobile identity informationcontrolled financial account device in at least one transactioninvolving at least one financial account based on identity informationobtained by the enabling device from an identity system device using theat least one digital representation of the biometric.

In a number of embodiments, a system for authorizing a mobile identityinformation controlled financial account device may include anon-transitory storage medium that stores instructions, at least onebiometric reader device, at least one communication unit, and aprocessor. The processor may execute the instructions to communicatewith the mobile identity information controlled financial account deviceusing the at least one communication unit; receive a first digitalrepresentation of a biometric for a first person using the at least onebiometric reader device; receive at least one permission from the firstperson to assign regarding the mobile identity information controlledfinancial account device; receive a second digital representation of abiometric for a second person using the at least one biometric readerdevice; obtain identity information from an identity system device, viathe at least one communication unit, using the second digitalrepresentation of the biometric for the second person; and determinewhether to transmit an authorization signal to the mobile identityinformation controlled financial account device using the at least onecommunication unit based on the identity information and the at leastone permission wherein the authorization signal enables use of themobile identity information controlled financial account device in atleast one transaction involving at least one financial account.

Various configurations are possible and contemplated without departingfrom the scope of the present disclosure. These and other embodimentsare elaborated in more detail below.

Operation of electronic devices other than financial account devices mayalso be controlled. Different approaches may be used to control all orpart of the operation of an electronic device based on various differentidentity information. For example, retailers may only sellage-restricted electronic devices to people who are at least theappropriate age and provide a government issued identification provingtheir age. However, a legitimate purchaser may then provide theage-restricted electronic device to an underage person. By way ofanother example, an age-restricted electronic device may be configuredwith electronic components that scan a government issued identification,verify that the government issued identification is valid and for thatperson, and that the government issued identification evidences that theperson is at least the appropriate age. However, such components maysignificantly increase the size and cost of an electronic device, aswell as increase the resources the electronic device consumes.

The following disclosure also relates to a system for authorizing amobile identity information controlled device. At least one digitalrepresentation of a biometric may be received using a biometric readerdevice. Identity information may be obtained from an identity systemdevice using the digital representation of the biometric. Operation of amobile identity information controlled device may be controlled usingthe identity information. In this way, operation of a mobile identityinformation controlled device may be controlled using identityinformation while protecting access to the identity information. Thismay enable performance of functions not previously performable by thesystem, reduce the number of system components, prevent duplication ofcomponents, prevent identity information and/or biometric data frombeing stored by the mobile identity information controlled device,minimize communication connection traffic, improve the efficiency and/oroperation of the system, and so on.

In some embodiments, the mobile identity information controlled devicemay include the biometric reader device and the mobile identityinformation controlled device may communicate with the identity systemdevice. In other embodiments, the mobile identity information controlleddevice may communicate with an enabling device that includes thebiometric reader and/or communicates with the identity system device inorder to authorize operation.

In various embodiments, the digital representation of the biometric maybe reobtained each time that the mobile identity information controlleddevice is operated. If the digital representation is not reobtained(which may involve reobtaining the identity information, comparing thedigital representation of the biometric to a previous one used to obtainthe identity information, and so on), operation may be deauthorized.This may prevent a person from providing the digital representation ofthe biometric to authorize operation and then providing the mobileidentity information controlled device to another person. In otherembodiments, the digital representation of the biometric may bereobtained upon the occurrence of a condition, such as movement of themobile identity information controlled device, alteration of the mobileidentity information controlled device, expiration of a time period,interruption of a communication connection between the mobile identityinformation controlled device and an enabling device and/or the identitysystem device, receipt of a deauthorization signal, travel of the mobileidentity information controlled device away from an enabling device, andso on. This may balance fraud prevention with network communication,efficient operation, and so on.

These and other embodiments are discussed below with reference to FIGS.1-14 . However, those skilled in the art will readily appreciate thatthe detailed description given herein with respect to these Figures isfor explanatory purposes only and should not be construed as limiting.

FIG. 1 depicts a first example system 100 for authorizing a mobileidentity information controlled device. The system 100 may include anelectronic device 101, which may be a mobile identity informationcontrolled device and/or an enabling device for a mobile identityinformation controlled device. The system 100 may also include anidentity system device 102.

The electronic device 101 may be any kind of device. Examples of suchdevices include, but are not limited to, one or more desktop computingdevices, laptop computing devices, mobile computing devices, wearabledevices, tablet computing devices, mobile telephones, smart phones,printers, displays, vehicles, kitchen appliances, vaporizers,entertainment system devices, digital media players, smart houses orother smart buildings, and so on. The electronic device 101 may includeone or more controllers 110 and/or other processors and/or processingunits, one or more non-transitory storage media 112 (which may take theform of, but is not limited to, a magnetic storage medium; opticalstorage medium; magneto-optical storage medium; read only memory; randomaccess memory; erasable programmable memory; flash memory; and so on),one or more communication units 113, and/or one or more other components(such as one or more biometric reader devices, input/output components,buttons, sensors, and so on). The controller 110 may execute one or moresets of instructions stored in the non-transitory storage media 112 toperform various functions, such as obtaining identification information,communicating with the identity system device 102 via the communicationunit 113, and so on.

Similarly, the identity system device 102 may include one moreprocessing units 114, non-transitory storage media 115, communicationunits 116, and/or other components. The processing unit 114 may executeone or more sets of instructions stored in the non-transitory storagemedia 115 to perform various functions, such as receiving identificationinformation, comparing identification information to storedidentification information to determine associated stored identityinformation, communicating with the electronic device 101 via thecommunication unit 116, and so on.

The electronic device 101 may be operable to receive identificationinformation, such as one or more hashes and/or other digitalrepresentations of one or more biometrics, one or more account logins,one or more passwords, and so on. The electronic device 101 may transmitthe identification information directly and/or indirectly to theidentity system device 102. The identity system device 102 may determinewhether the identification information is associated with storedidentity information (such as one or more names, addresses, phonenumbers, social security numbers, credit card and/or other financialinformation, payment records, purchase and/or other behavior records,age and/or verified age, driver's license and/or other identification orauthorization information, vehicle rental contract information,insurance verification, and so on). If so, the identity system device102 may return and/or otherwise allow access to associated identityinformation and/or one or more attestations regarding such directlyand/or indirectly to the electronic device 101 (such as whether a personis of at least a certain age, whether or not a person is authorized tooperate a vehicle, and so on). The electronic device 101 may use theidentity information and/or attestation regarding such to authorizeand/or deny and/or otherwise restrict partial or full operation of theelectronic device 101 and/or an associated device.

For example, the electronic device 101 may be a vehicle. The vehicle mayinclude a biometric reader device, such as a fingerprint scanner, anoptical fingerprint scanner, a phosphorescent fingerprint scanner, atime-of-flight sensor, a camera, an image sensor, a saliva sensor, adeoxyribonucleic acid sensor, a heart rhythm monitor, a microphone, andso on. The vehicle may use the biometric reader device to obtain one ormore digital representations of one or more biometrics (such as adigital representation of a fingerprint, a voiceprint, a facial image, aretina image, an iris image, a deoxyribonucleic acid sequence, a heartrhythm, a gait, and so on) for a person. The vehicle may transmit thedigital representation of the biometric to the identity system device102. The identity system device 102 may determine if stored identityinformation is associated with stored biometric data matching thedigital representation of the biometric. The identity system device 102may also determine whether such stored identity information indicatesthe person is of age to operate the vehicle, has insurance covering thevehicle, is a permitted operator of the vehicle, has a license tooperate the vehicle, and so on. The identity system device 102 mayreturn such information to the vehicle and/or one or more attestationsregarding such. Using the information and/or attestation, the vehiclemay allow and/or deny and/or otherwise restrict operation of the vehicleby the person.

In various embodiments, the electronic device 101 may reobtain theidentification information and/or the identity information and/orattestation each time operation is attempted. If the electronic device101 is not able to reobtain the identification information and/or theidentity information and/or attestation, the electronic device maydeauthorize operation. This may prevent a person from providing theidentification information to authorize operation and then providing theelectronic device 101 or an associated device to another person. Inother embodiments, the electronic device 101 may reobtain theidentification information and/or the identity information and/orattestation upon the occurrence of a condition, such as movement of theelectronic device 101 or an associated device, alteration of theelectronic device 101 or an associated device, expiration of a timeperiod (such as ten minutes, one day, and so on), interruption of acommunication connection between the electronic device 101 and anotherdevice (such as the identity system device 102, an associated device,and so on), receipt of a deauthorization signal, travel of theelectronic device 101 away from an associated device and/or vice versa,and so on. This may balance fraud prevention with network communication,efficient operation, and so on.

FIG. 2 depicts a flow chart illustrating a first example method 200 forauthorizing a mobile identity information controlled device. This method200 may be performed by the system 100 of FIG. 1 .

At operation 210, an electronic device may obtain identificationinformation. In some examples, the identification information may be atleast one digital representation of a biometric obtained via a biometricreader device. The digital representation of the biometric may be adigital representation of a fingerprint, a voiceprint, a facial image, aretina image, an iris image, a deoxyribonucleic acid sequence, a heartrhythm, a gait, and so on. The biometric reader device may be afingerprint scanner, an optical fingerprint scanner, a phosphorescentfingerprint scanner, a time-of-flight sensor, a camera, an image sensor,a saliva sensor, a deoxyribonucleic acid sensor, a heart rhythm monitor,a microphone, and so on.

At operation 220, the electronic device may transmit the identificationinformation to one or more identity system devices. In some examples,the electronic device may transmit the identification information viaone or more intermediate devices. For example, the electronic device mayuse a short-range communication unit (such as a near-field communicationunit, a Bluetooth communication unit, a Bluetooth Low Energycommunication unit, and so on) to transmit the identificationinformation to an intermediate device that in turn communicates with anidentity system device using a long-range communication unit (such as aWiFi communication unit, a cellular communication unit, and so on).

At operation 230, the electronic device may receive identity information(such as a verified age of a person, a status of the person's driver'slicense, and so on). The electronic device may receive theidentification information from an identity system device and/or anintermediate device in response to transmitting the identificationinformation.

At operation 250, the electronic device may use the identity informationto determine whether or not to allow operation (whether full operation,partial operation, and so on) of the electronic device and/or anassociated electronic device. If not, the flow may proceed to operation240 where the electronic device may deny operation. Otherwise, the flowmay proceed to operation 260 where the electronic device allows theoperation.

For example, a desktop computing device may include a video streamingapplication. The desktop computing device may receive login informationfor an associated account and transmit the login information to anidentity system device. The identity system device may use the logininformation to determine whether or not there is payment record identityinformation indicating payment of a subscription fee for the videostreaming application. If so, the identity system device may return anattestation indicating that the subscription fee was paid and thedesktop computing device may allow operation of the video streamingapplication. Otherwise, the desktop computing device may deny operationof the video streaming application, but may allow operation of one ormore other applications.

In various examples, this example method 200 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the electronic device 101 of FIG. 1 .

Although the example method 200 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 200 is illustrated and described as theelectronic device receiving the identity information. However, it isunderstood that this is an example. In some implementations, theelectronic device may instead receive one or more attestations regardingthe identity information. For example, the electronic device may receivean indication that the person meets a threshold age (such as 18, 21, andso on), is legally allowed to operate a vehicle, and so on. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

In various implementations, there may be multiple tiers ofauthorizations for a mobile identity information controlled device. Forexample, tiers may include a tier for authorization to use all functionsand/or components of a mobile identity information controlled device andfull authorization to grant authorization to others, a tier forauthorization to use a subset of functions and/or components of a mobileidentity information controlled device and/or partial authorization togrant authorization to others, a tier for authorization to use all or asubset of functions and/or components of a mobile identity informationcontrolled device but not authorization to grant authorization toothers, a tier for authorization to grant authorization to others butnot use all or a subset of functions and/or components of a mobileidentity information controlled device, a tier for temporaryauthorization to either use all or a subset of functions and/orcomponents of a mobile identity information controlled device and/orgrant authorization to others, a tier for authorization under certainconditions (such as between certain hours, during daylight, when schoolis not in session, and so on). In some implementations, a person who hasa higher tier of authorization may voluntarily restrict themselves to alower tier in order to restrict his own use of the mobile identityinformation controlled device. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

FIG. 3 depicts a second example system 300 for authorizing a mobileidentity information controlled device. The system 300 may include anenabling device 303 that may communicate with an electronic device 301and/or an identity system device 302 via one or more communicationnetworks 325.

The enabling device 303 may include one or more processing units 320,non-transitory storage media 322, communication units 323, input/outputdevices 324, and/or other components. Similarly, the electronic device301 may include one or more controllers 310, non-transitory storagemedia 312, communication units 313, input/output devices 311, and/orother components. Likewise, the identity system device 302 may includeone or more processing units 314, non-transitory storage media 315,communication units 316, and/or other components.

The processing unit 320 of the enabling device 303 may execute one ormore instructions stored in the non-transitory storage medium 322 toperform various functions. For example, the processing unit 320 mayreceive identification information via the input/output device 324,transmit the identification information to the identity system device302 via the communication unit 323, receive identity information fromthe identity system device 302 via the communication unit 323, determinewhether to allow or refuse operation of the electronic device 301 usingthe identification information, and transmit one or more authorization,deauthorization, and/or other signals to the electronic device 301 viathe communication unit 323.

FIG. 4 depicts a flow chart illustrating a second example method 400 forauthorizing a mobile identity information controlled device. This method400 may be performed by the system 300 of FIG. 3 .

At operation 410, an electronic device may obtain identificationinformation. At operation 420, the electronic device may transmit theidentification information to an identity system. At operation 430, theelectronic device may receive identity information from theidentification system in response to transmitting the identificationinformation.

At operation 450, the electronic device may determine whether or not toallow operation of an associated electronic device using the identityinformation. If not, the flow may proceed to operation 440 where theelectronic device may refuse to allow operation of the associatedelectronic device. Otherwise, the flow may proceed to operation 460where the electronic device may transmit an allow signal to theassociated electronic device.

Upon receipt of the allow signal, the associated electronic device mayallow operation.

For example, a smart phone may be configured to operate as an enablingdevice for a digital media player. The digital media player may beconfigured with a short-range communication unit, such as a Bluetoothcommunication unit, but may not have a long-range communication unit.The smart phone may be configured with both a short-range communicationunit and a long-range communication unit, such as a WiFi communicationunit or a cellular communication unit. An identity system device may beaccessible using a long-range communication unit, but not a short-rangecommunication unit. However, the smart phone and the digital mediaplayer may be operable to communicate using a short-range communicationunit. As such, the smart phone may be configured to communicate with theidentity system device on behalf of the digital media player toauthorize operation to make up for the inability of the digital mediaplayer to communicate directly. The smart phone may obtainidentification information, communicate with the identity system deviceusing the long-range communication unit, and communicate with thedigital media player using the short-range communication unit toauthorize operation (if appropriate).

In various examples, this example method 400 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the electronic device 301 and/or the enabling device303 of FIG. 3 .

Although the example method 400 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the above illustrates and describes the electronic deviceobtaining the identification information. However, it is understood thatthis is an example. In some implementations, the electronic device mayreceive the identification information from the same device to which theelectronic device transmits the allow signal. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure.

FIG. 5 depicts a flow chart illustrating a third example method 500 forauthorizing a mobile identity information controlled device. This method500 may be performed by the system 300 of FIG. 3 .

At operation 510, an electronic device may obtain identificationinformation. At operation 520, the electronic device may transmit theidentification information via an enabling device. At operation 530, theelectronic device may determine whether or not an allow signal isreceived. For example, the allow signal may be received from theenabling device. If so, the flow may proceed to operation 540 where theelectronic device may allow operation. Otherwise, the flow may proceedto operation 560 where the electronic device may deny operation.

After the electronic device allows operation at operation 540, the flowmay proceed to operation 550 where the electronic device determineswhether or not different identification information is received. If so,the flow may proceed to operation 520 where the electronic devicetransmits the different identification information via an enablingdevice. Otherwise, the flow may return to operation 540 where theelectronic device may continue to allow operation.

For example, a digital media player may be configured to use a smartphone as an enabling device. The digital media player may be configuredto obtain a digital representation of a biometric of a person andtransmit the digital representation of the biometric to the smart phone.The smart phone may be configured to transmit the received digitalrepresentation of the biometric to an identity system device and receiveinformation back indicating whether or not the person is at least 18years of age. If so, the smart phone may transmit an allow signal to thedigital media player to allow operation of the digital media player topresent R rated content and/or other content restricted to people whoare 18 years of age or more.

In various examples, this example method may be implemented as a groupof interrelated software modules or components that perform variousfunctions discussed herein. These software modules or components may beexecuted within a cloud network and/or by one or more computing devices,such as the electronic device 301 and/or the enabling device 303 of FIG.3 .

Although the example method 500 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 500 is illustrated and described as obtainingthe identification information and transmitting such to the enablingdevice. However, in some implementations, the enabling device may obtainthe identification information, transmit the identification informationto one or more identity system devices, and transmit one or more allowor deny signals to one or more associated electronic devicesaccordingly. Various configurations are possible and contemplatedwithout departing from the scope of the present disclosure.

FIG. 6 depicts a flow chart illustrating a fourth example method 600 forauthorizing a mobile identity information controlled device. This method600 may be performed by the system 300 of FIG. 3 .

At operation 610, an electronic device may obtain identificationinformation. At operation 620, the electronic device may transmit theidentification information via an enabling device. For example, theelectronic device may transmit the identification information to anidentity system device via the enabling device. At operation 630, theelectronic device may receive identity information via the enablingdevice. For example, the electronic device may receive the identityinformation from an identity system device via the enabling device, suchas in response to transmitting the identification information via theenabling device. The flow may then proceed to operation 650 where theelectronic device determines whether or not to allow operation using theidentity information. If so, the flow may proceed to operation 660 wherethe electronic device may allow operation. Otherwise, the flow mayproceed to operation 640 where the electronic device may deny operation.

For example, the electronic device may be a vehicle. The vehicle may usea satellite navigation component associated with the vehicle tocommunicate with an identity system device. The vehicle may capture animage of a person's face, use the satellite navigation component totransmit a digital representation of the image to an identity systemdevice, and receive information back from the identity system device viathe satellite navigation component regarding whether or not the personis authorized to operate the vehicle.

In various examples, this example method 600 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the electronic device 301 and/or the enabling device303 of FIG. 3 .

Although the example method 600 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 600 is illustrated and described as using thesame enabling device to transmit the identification information andreceive the identity information. However, it is understood that this isan example. In some implementations, multiple enabling devices (such asdifferent enabling devices used to transmit and receive information) maybe used. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

Further, the method 600 is illustrated and described as either allowingor denying operation. However, in some examples of variousimplementations, the electronic device may allow and/or deny operationof different functions or components of the electronic device instead ofallowing and/or denying all operation. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure.

FIG. 7 depicts a third example system 700 for authorizing a mobileidentity information controlled device. In this example, the system 700may include a vehicle 701 that includes a microphone 711. The vehicle701 may use the microphone 711 to obtain a digital representation of thevoice of a person 730, transmit the digital representation of the voiceto one or more identity system devices, receive information in returnregarding whether or not the person is authorized to operate thevehicle, and allow and/or deny operation accordingly.

For example, the person may be authorized to operate the vehicle 701 ifthe person is at least 16 years of age, has a valid driver's license,has insurance that covers the vehicle 701, owns the vehicle 701, has avalid rental contract for the vehicle 701, is on a permitted operatorlist for the vehicle 701, and so on. In some examples, the person may beauthorized for some operation of the vehicle 701 but not others and thevehicle 701 may allow and/or deny accordingly. By way of illustration, adriver who is 16 years of age may be permitted to drive the vehicle 701but not use the radio while doing so. By way of another illustration, aperson may be allowed to use the radio and/or climate control systems,but may not be allowed to drive. By way of another illustration, aperson may be allowed to drive the vehicle 701 in certain areas but notothers, at certain times but not others, at certain speeds but notothers, and so on. Various configurations are possible and contemplatedwithout departing from the scope of the present disclosure.

As described above, in various implementations, there may be multipletiers of authorizations. For example, a parent may have fullauthorization to use the vehicle at any time, under any conditions, andfull authorization to grant authorization to others. The parent maygrant a more limited set of authorizations to a child, such asauthorization to use the vehicle to drive between home and work, beforedark, when school is not in session, for a temporary time (such as forthe next five hours so the child can take the vehicle to go see a movie)and so on. The child may not have authorization to grant authorizationto use the vehicle to others. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

FIG. 8 depicts a fourth example system 800 for authorizing a mobileidentity information controlled device. In this example, the system 800may include a vehicle 801 that includes an antenna 813. A person 830 mayhave a mobile communication device 802 that includes a time-of flightsensor or other image sensor, such as a camera 821. The mobilecommunication device 802 may be operable to capture an image of the faceof the person 830, transmit a digital representation of the face to anidentity system device, receive identity information (that may indicatevarious information related to whether or not the person is authorizedto use the vehicle 801), and transmit an allow and/or deny signalregarding operation of the vehicle 801 to the vehicle 801 via theantenna 813 using the identity information.

FIG. 9 depicts a fifth example system 900 for authorizing a mobileidentity information controlled device. In this example, the system 900may include a portable movie player 901 that includes a fingerprintsensor 911. The portable movie player 901 may be operable to receive adigital representation of a fingerprint of a person 930 using thefingerprint sensor 911, transmit the digital representation of thefingerprint to an identity system device, receive identity informationfrom the identity system device regarding whether or not the person 930has been granted permission to access movie content, and allow and/ordeny operation to access movie content accordingly.

As described above, in various implementations, there may be multipletiers of authorizations. For example, a parent may have fullauthorization to view any movie. The parent may grant a more limited setof authorizations to a child, such as authorization to see certainmovies but not others, to see movies that have less than a particularrating (such as an ‘R’ rating), to see movies during certain hours (likebetween 5 and 8, when school is not in session, and so on), to seeentertainment movies after watching educational movies, and so on.Various configurations are possible and contemplated without departingfrom the scope of the present disclosure.

FIG. 10 depicts a sixth example system 1000 for authorizing a mobileidentity information controlled device. In this example, the system 1000may include a digital media player 1001 and a tablet computing device1002 that includes a time-of flight sensor or other image sensor, suchas a camera 1021. The tablet computing device 1002 may be operable toreceive a digital representation of a face of a person 1030 using thecamera 1021, transmit the digital representation of the face to anidentity system device, receive identity information from the identitysystem device regarding whether or not the person 1030 has paid toaccess content, and transmit a signal to the digital media player 1001to allow and/or deny operation of the digital media player 1001 and toaccess the content accordingly.

FIG. 11 depicts a seventh example system 1100 for authorizing a mobileidentity information controlled device. In this example, the system 1100may include a vaporizer 1101 with a saliva detector 1111A and a button1111B. The vaporizer 1101 may be operable to obtain a digitalrepresentation of a deoxyribonucleic acid sequence for a person 1130(and/or information that may be used to determine such) when the person1130 puts the saliva detector 1111A to the mouth of the person 1130 andpresses the button 1111B. The vaporizer 1101 may transmit the digitalrepresentation of the deoxyribonucleic acid sequence to an identitysystem device and receive an age of the person 1130 in response. Thevaporizer 1101 may allow operation accordingly, such as allowingoperation of the vaporizer 1101 if the person is at least 18 years ofage.

In various embodiments, the vaporizer 1101 may reobtain the digitalrepresentation of the deoxyribonucleic acid sequence every time thevaporizer 1101 is operated. If the digital representation of thedeoxyribonucleic acid sequence and/or the age of the person 1130 is notreobtained, the vaporizer 1101 may deauthorize operation. This mayprevent the person 1130 from authorizing operation and then providingthe vaporizer 1101 to another person.

In other embodiments, the vaporizer 1101 may reobtain the digitalrepresentation of the deoxyribonucleic acid sequence upon the occurrenceof a condition, such as refilling or recharging of the vaporizer 1101,movement of the vaporizer 1101 outside of a geographic area (such asmovement of over a mile, outside of a one block range, and so on),expiration of a time period, receipt of a deauthorization signal fromanother electronic device, detection of a different deoxyribonucleicacid sequence using the saliva detector 1111A, and so on.

In various embodiments, the vaporizer 1101 may store the digitalrepresentation of the deoxyribonucleic acid sequence afterauthorization. In such embodiments, the vaporizer 1101 may obtain andcompare a digital representation of the deoxyribonucleic acid sequenceto the stored one each time the vaporizer 1101 is operated. Upon amismatch, the vaporizer 1101 may transmit the newly obtained digitalrepresentation of the deoxyribonucleic acid sequence to the identitysystem device to ensure that it is associated with identity informationfor a person who is at least 18 years of age. If not, the vaporizer 1101may deauthorize operation.

FIG. 12 depicts an eighth example system 1200 for authorizing a mobileidentity information controlled device. In this example, the system 1200may include a vaporizer 1201 and a tablet computing device 1202. Thevaporizer 1201 may include a button 1211 and the tablet computing device1202 may include a time-of flight sensor or other image sensor, such asa camera 1221.

The tablet computing device 1202 may be operable to capture an image ofa face of a person 1230 using the camera 1221 and transmit a digitalrepresentation of the image to an identity system device. The tabletcomputing device 1202 may also be operable to receive an age of theperson 1230 from the identity system device and transmit anauthorization signal to the vaporizer 1201 if the person 1230 is atleast 18 years of age. The button 1211 of the vaporizer 1201 may beoperable to activate the vaporizer 1201 only if the vaporizer 1201 hasreceived an authorization signal.

Alternatively, the tablet computing device 1202 may transmit the age ofthe person 1230 to the vaporizer 1201. In such an example, the vaporizer1201 may allow operation if the person 1230 is at least 18 years of age.Various configurations are possible and contemplated without departingfrom the scope of the present disclosure.

In various embodiments, the tablet computing device 1202 may reobtainthe digital representation of the image upon the occurrence of acondition, such as refilling or recharging of the vaporizer 1201,expiration of a time period, receipt of a deauthorization signal fromanother electronic device, detection of a different image of a person'sface, movement of the vaporizer 1201, alteration of the vaporizer 1201,expiration of a time period, interruption of a communication connectionbetween the vaporizer 1201 and the tablet computing device 1202, travelof the vaporizer 1201 and the tablet computing device 1202 away fromeach other, and so on.

For example, after authorization, the vaporizer 1201 may remainauthorized as long as the vaporizer 1201 is within 100 feet of thetablet computing device 1202. If the vaporizer 1201 is more than 100feet away from the tablet computing device 1202, the vaporizer 1201 maydeauthorize operation until the vaporizer 1201 receives a signal toreauthorize. Various configurations are possible and contemplatedwithout departing from the scope of the present disclosure.

As described above, in various implementations, there may be multipletiers of authorizations for a mobile identity information controlleddevice. In some examples, a person who has a higher tier ofauthorization may voluntarily restrict themselves to a lower tier inorder to restrict his own use of the vaporizer 1201. By way ofillustration, the person may restrict his use of the vaporizer 1201 to acertain amount of use per day (such as twenty times a day, five times aday, and so on), to a certain frequency of use (such as once per hour,at least two hours between uses, and so on), to use in certain placesbut not others (such as at work but not at home, at the gym, and so on),and so on. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

FIG. 13 depicts a flow chart illustrating a fifth example method 1300for authorizing a mobile identity information controlled device. Thismethod 1300 may be performed by one or more of the systems 700-1200 ofFIGS. 7-12 .

At operation 1310, an electronic device may obtain a digitalrepresentation of a biometric. The electronic device may obtain thedigital representation of the biometric by capturing the digitalrepresentation of the biometric via an integrated biometric readerdevice, receiving the digital representation of the biometric fromanother device that includes a biometric reader device, and so on.

At operation 1320, the electronic device may transmit the digitalrepresentation of the biometric via an enabling device. The electronicdevice may transmit the digital representation of the biometric to oneor more identity system devices via the enabling device. In someexamples, the enabling device may communicate with the electronic deviceand the identity system device using different communication mediaand/or different communication units.

At operation 1330, the electronic device may determine whether or not toallow operation using identity information obtained from the identitysystem device using the digital representation of the biometric. Forexample, the electronic device may receive the identity information anddetermine whether or not to allow operation. By way of another example,the electronic device may receive one or more signals indicating whetheror not to allow operation. Such signals may be received from one or moredevices that obtained the identity information and determined theappropriate signal to transmit using the identity information. If theelectronic device determines to allow operation, the flow may proceed tooperation 1340 where the electronic device may allow operation.Otherwise, the flow may proceed to operation 1350 where the electronicdevice may deny operation.

After the electronic device allows operation, the flow may proceed tooperation 1360 where the electronic device may determine whether or nota digital representation of a biometric is received and/or otherwiseobtained. If not, the flow may return to operation 1340 where theelectronic device continues to allow operation. Otherwise, the flow mayproceed to operation 1370 where the electronic device compares the newdigital representation of the biometric to the previous digitalrepresentation of the biometric. If there is a match, the flow mayreturn to operation 1340 where the electronic device continues to allowoperation. Otherwise, the flow may return to operation 1320 where theelectronic device may transmit the new digital representation of thebiometric via the enabling device.

In various examples, this example method 1300 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as one or more of the devices illustrated in FIGS. 7-12 .

Although the example method 1300 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 1300 is illustrated and described as denyingoperation at 1350. However, in various examples, the flow may insteadreturn to operation 1310 where the electronic device waits to obtain adifferent digital representation of a biometric. Various configurationsare possible and contemplated without departing from the scope of thepresent disclosure.

FIG. 14 depicts a flow chart illustrating a sixth example method 1400for authorizing a mobile identity information controlled device. Thismethod 1400 may be performed by one or more of the systems 700-1200 ofFIGS. 7-12 .

At operation 1410, an electronic device may determine whether or not theelectronic device is connected to an enabling device via one or morecommunication media. If not, the electronic device may at operation 1440deny operation. Otherwise, the flow may proceed to operation 1420.

At operation 1420, after the electronic device determines that theelectronic device is connected to an enabling device via one or morecommunication media, the electronic device may determine whether or notan authorization signal is received that is based on identityinformation obtained by the enabling device using one or more digitalrepresentations of biometrics. If not, the flow may proceed to operation1440 where the electronic device may deny operation. Otherwise, the flowmay proceed to operation 1430 where the electronic device may allowoperation.

After the electronic device allows operation, the flow may proceed tooperation 1450 where the electronic device may determine whether or notthe electronic device maintains the connection to the enabling devicevia the one or more communication media. If so, the flow may return tooperation 1430 where the electronic device may continue to allowoperation. Otherwise, the flow may return to operation 1410 where theelectronic device may again determine whether or not the electronicdevice is connected to an enabling device via one or more communicationmedia.

In various examples, this example method 1400 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as one or more of the devices illustrated in FIGS. 7-12 .

Although the example method 1400 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 1400 is illustrated and described as determiningwhether or not an authorization signal is received before allowingoperation. However, in various implementations, the electronic devicemay receive the identity information itself and determine whether or notto authorize operation using the identity information. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

In various implementations, a system for authorizing a mobile identityinformation controlled device may include a non-transitory storagemedium that stores instructions, a biometric reader device, at least onecommunication unit, and a processor. The processor may execute theinstructions to communicate with the mobile identity informationcontrolled device using the at least one communication unit; receive atleast one digital representation of a biometric using the biometricreader device; obtain identity information from an identity systemdevice, via the at least one communication unit, using the at least onedigital representation of the biometric; and determine whether totransmit an authorization signal to the mobile identity informationcontrolled device using the at least one communication unit based on theidentity information.

In some examples, the at least one digital representation of thebiometric may include a digital representation of at least one of afingerprint, a voiceprint, a facial image, a retina image, an irisimage, a deoxyribonucleic acid sequence, a heart rhythm, or a gait. In anumber of examples, the biometric reader device may include at least oneof a fingerprint scanner, an optical fingerprint scanner, aphosphorescent fingerprint scanner, a time-of-flight sensor, a camera,an image sensor, a saliva sensor, a deoxyribonucleic acid sensor, aheart rhythm monitor, or a microphone.

In various examples, the at least one communication unit may include ashort-range communication unit and a long-range communication unit, theprocessor may communicate with the mobile identity informationcontrolled device using the short-range communication unit, and theprocessor may obtain the identity information from the identity systemdevice using the long-range communication unit. In some such examples,the short-range communication unit may include at least one of anear-field communication unit, a Bluetooth communication unit, or aBluetooth Low Energy communication unit and the long-range communicationunit may include a WiFi communication unit or a cellular communicationunit.

In a number of examples, the mobile identity information controlleddevice may be configured to deauthorize after receiving theauthorization signal if the communication between the mobile identityinformation controlled device and the at least one communication unit isinterrupted. In various examples, the processor may determine totransmit the authorization signal to the mobile identity informationcontrolled device based on a verified age included in the identityinformation. In a number of examples, the mobile identity informationcontrolled device may be a vehicle, a vaporizer, or a media player.

In some implementations, a mobile identity information controlled devicemay include a non-transitory storage medium that stores instructions, abiometric reader device, a communication unit operative to communicatewith an enabling device, and a controller. The controller may executethe instructions to receive at least one digital representation of abiometric using the biometric reader device, transmit the at least onedigital representation of the biometric to the enabling device using thecommunication unit, and determine whether to authorize operation of themobile identity information controlled device based on identityinformation obtained by the enabling device from an identity systemdevice using the at least one digital representation of the biometric.

In various examples, the at least one digital representation of thebiometric may include a first biometric and the controller may beoperative to receive a second biometric via the biometric reader deviceand deauthorize operation of the mobile identity information controlleddevice when the second biometric mismatches the first biometric. In somesuch examples, the controller may attempt to reauthorize operation ofthe mobile identity information controlled device by transmitting thesecond biometric to the enabling device using the communication unit.

In some examples, the controller may deauthorize operation of the mobileidentity information controlled device upon determining thatcommunication with the enabling device is interrupted. In a number ofexamples, the mobile identity information controlled device may be avehicle, a vaporizer, or a media player. In various examples, thebiometric reader device may include at least one of a fingerprintscanner, an optical fingerprint scanner, a phosphorescent fingerprintscanner, a time-of-flight sensor, a camera, an image sensor, a salivasensor, a deoxyribonucleic acid sensor, a heart rhythm monitor, or amicrophone. In a number of examples, the at least one digitalrepresentation of the biometric may include a digital representation ofat least one of a fingerprint, a voiceprint, a facial image, a retinaimage, an iris image, a deoxyribonucleic acid sequence, a heart rhythm,or a gait. In some examples, the communication unit may include at leastone of a near-field communication unit, a Bluetooth communication unit,or a Bluetooth Low Energy communication unit.

In various embodiments, a mobile identity information controlled devicemay include a non-transitory storage medium that stores instructions, abiometric reader device, a communication unit, and a controller. Thecontroller may execute the instructions to receive at least one digitalrepresentation of a biometric using the biometric reader device; obtainidentity information from an identity system device, via thecommunication unit, using the at least one digital representation of thebiometric; and determine whether to authorize operation of the mobileidentity information controlled device based on a verified age includedin the identity information.

In some examples, the mobile identity information controlled device maybe a vehicle, a vaporizer, or a media player. In a number of examples,the at least one digital representation of the biometric may include adigital representation of at least one of a fingerprint, a voiceprint, afacial image, a retina image, an iris image, a deoxyribonucleic acidsequence, a heart rhythm, or a gait. In various examples, the biometricreader device may include at least one of a fingerprint scanner, anoptical fingerprint scanner, a phosphorescent fingerprint scanner, atime-of-flight sensor, a camera, an image sensor, a saliva sensor, adeoxyribonucleic acid sensor, a heart rhythm monitor, or a microphone.

Although the above is illustrated and described in the context of amobile identity information controlled device, it is understood thatthese are examples. In various implementations, techniques disclosedherein may be used in the context of electronic devices that are notmobile and/or not easily mobile without departing from the scope of thepresent disclosure.

For example, in some implementations, the techniques described hereinmay be used in the context of a smart house and/or other smart building.Authorizations may be granted to access (whether temporarily,conditionally, and so on) part or all of the house and/or use variouscomponents included therein. For example, a cleaning service may begranted authorization to enter areas of the smart house that thecleaning service is to clean. By way of another example, a portion ofthe smart house may be leased for a night to a person and the person maybe authorized to enter that portion of the house and/or to use variouscomponents of the smart house (such as entry to one bedroom but notanother, ability to operate a television but not a stove, and so on).Various configurations are possible and contemplated without departingfrom the scope of the present disclosure.

As described above, the present application also relates to authorizinga mobile identity information controlled financial account device. Thiswill now be described in detail.

FIG. 15 depicts a first example system 1500 for authorizing a mobileidentity information controlled financial account device. The system1500 may include one or more electronic devices (such as one or moreidentity system devices 1502, enabling devices 1503, payment acceptingdevices 1531, and so on) that are operable to communicate with one ormore financial account devices 1501 (which may be a mobile identityinformation controlled financial account device) via one or more wiredand/or wireless communication networks 1525.

The financial account device 1501 may include any kind of device thatmay be used to perform one or more functions related to one or morefinancial accounts. Examples of such devices may include credit cards,debit cards, smart cards, rewards account cards, loyalty account cards,gift cards, mobile and/or other computing devices usable to perform oneor more functions related to one or more financial accounts, and so on.Examples of such financial accounts may include one or more credit cardaccounts, checking accounts, savings accounts, rewards accounts, loyaltyaccounts, airline miles accounts, insurance accounts, and so on.Examples of functions that may be performed related to one or morefinancial accounts may include paying for one or more transactions usingthe one or more financial accounts, updating information related to oneor more financial accounts, assigning and/or updating one or morepermissions regarding one or more functions that one or more people mayperform using one or more financial accounts and/or the financialaccount device 1501, and so on.

The electronic device may communicate with the financial account device1501 to authorize the financial account device 1501. The electronicdevice may receive at least one digital representation of a biometric(such as via a biometric reader device included in and/or separate fromthe financial account device 1501), obtain identity information usingthe at least one digital representation of the biometric (such as viathe identity system device 1502), and determine whether or not totransmit an authorization signal to the financial account device 1501that enables use of the financial account device 1501 in at least onetransaction involving at least one financial account (such as when thefinancial account device 1501 is presented to the payment acceptingdevice 1531, which may be associated with the at least one transaction).The financial account device 1501 may be usable for the at least onetransaction when the financial account device 1501 receives theauthorization signal.

In this way, authorization can be controlled at the financial accountdevice 1501 with a great amount of granularity and fidelity to specificpeople, for specific transactions, at specific times, and so on as wouldnot otherwise be performable by conventional systems. This may enable awide variety of functionality beyond determining whether or not afinancial account is currently valid and/or whether or not a personclaims to have a name and/or provides a signature matching one on a cardand/or otherwise associated with a financial account. Further, this mayfree up systems involving devices that accept payment and/or financialaccount issuers from having to constantly communicate with each otherand/or determine financial account validity. As such, these systemsand/or larger systems with which they are involved may operate moreefficiently, eliminate redundant components, and/or use less hardwareand/or software resources than would otherwise be possible inconventional systems.

For example, in various implementations, the financial account device1501 may include a payment interface (such as a magnetic strip, anear-field communication (NFC) component, a radio-frequencyidentification (RFID) tag or chip, and so on) for communicating with thepayment accepting device 1531 (which may be a merchant point of saledevice and/or other device that is operable to accept payment) and acommunication unit that is operable to communicate with an enablingdevice 1503 (such as a smart phone, mobile computing device, personalelectronic device, and/or other electronic device) but inoperable tocommunicate with the identity system device 1502. However, the enablingdevice 1503 may include communication units that are operable tocommunicate with both the financial account device 1501 and the identitysystem device 1502 (and/or the payment accepting device 1531 and/orother electronic devices) and/or other components (such as one or morebatteries and/or other power sources, biometric reader devices, and soon). By way of illustration, the financial account device 1501 mayinclude a short-range communication unit (such as a NFC communicationunit, a Bluetooth communication unit, a Bluetooth Low Energycommunication unit, and so on) whereas the enabling device 1503 mayinclude both short-range communication units and long-rangecommunication units (such as a Wifi communication unit, a cellularcommunication unit, and so on). The enabling device 1503 may receive atleast one digital representation of a biometric (such as from abiometric reader device included in and/or associated with the financialaccount device 1501, a biometric reader device included in and/orassociated with the enabling device 1503 in situations where a biometricreader device is not included in the financial account device 1501 orwhere a biometric reader device included in the financial account device1501 is not to be used, and so on), obtain identity information from theidentity system device 1502 using the at least one digitalrepresentation of the biometric, and determine whether or not totransmit an authorization signal to the financial account device thatenables use of the financial account device 1501 in at least onetransaction involving at least one financial account.

By way of another example, the financial account device 1501 may includea non-transitory storage medium that stores instructions, acommunication unit operative to communicate with the enabling device1503, a controller, and/or other components (such as one or morebatteries and/or other power sources, biometric reader devices, and soon). The controller may execute the instructions to obtain at least onedigital representation of a biometric, transmit the at least one digitalrepresentation of the biometric to the enabling device 1503 using thecommunication unit, and determine whether to authorize use of thefinancial account device 1501 in at least one transaction involving atleast one financial account based on identity information obtained bythe enabling device 1503 from the identity system device 1502 using theat least one digital representation of the biometric.

In other examples, the financial account device 1501 may be operable tocommunicate with the identity system device 1502 directly and theenabling device 1503 may be omitted. In still other examples, thefinancial account device 1501 and the payment accepting device 1531 maybe incorporated into a single device. By way of illustration, thefinancial account device 1501 and the payment accepting device 1531 maybe incorporated into a mobile and/or other computing device that mayimplement a web browser that is usable to make payments via a paymentaccepting web site. Various configurations are possible and contemplatedwithout departing from the scope of the present disclosure.

In various examples, the financial account device 1501 may be authorizedfor each use. In other examples, the financial account device 1501 mayremain authorized until receiving a deauthorization signal, for a periodof time (such as five minutes, ten hours, and so on), untilcommunication with the financial account device 1501 (such as betweenthe financial account device 1501 and the enabling device 1503) isinterrupted, and so on. In still other examples, the financial accountdevice 1501 may remain authorized until a digital representation of abiometric associated with a different person is received (whereupon thefinancial account device 1501 may be deauthorized and an attempt may bemade to reauthorize the financial account device 1501 using the digitalrepresentation of the biometric associated with the different person).Various configurations are possible and contemplated without departingfrom the scope of the present disclosure.

The electronic device that authorizes and/or enables use of thefinancial account device 1501 in at least one transaction involving atleast one financial account may obtain data from the identityinformation and/or other sources related to one or more personsassociated with the at least one digital representation of thebiometric, one or more permissions associated with the one or morepersons and/or the at least one transaction (such as transactioninformation received from the payment accepting device 1531, thefinancial account device 1501, the enabling device 1503, a combinationthereof, and so on), a current time or time period, a current location,and/or any other data that may be used to specify whether or not use ofthe financial account device 1501 in the at least one transaction is tobe authorized and/or enabled. By way of illustration, the one or morepermissions may restrict at least one of a transaction time, atransaction place, a transaction subject, a transaction amount, anaggregate transaction amount, an aggregate number of transactions, andso on. The one or more permissions may be permanent, permanent untilrevoked, temporary (such as valid for the next hour, for a week, duringbanking hours, and so on), and so on.

For example, an electronic device (such as the financial account device1501, the identity system device 1502, the enabling device 1503, thepayment accepting device 1531, and so on) may receive a digitalrepresentation of a biometric for a person along with at least onepermission regarding the financial account device 1501. Subsequently,the electronic device may determine whether or not to authorize use ofthe financial account device 1501 based on the at least one permissionwhen the digital representation of the biometric is received.

By way of illustration, a person may specify maximum and aggregatetransaction amounts regarding the person's credit card for the timeperiod of a weekend during which the person intends to go outcelebrating. As such, the person may not be required to monitortransaction amounts himself. Instead, the credit card may be authorizeduntil one of the maximum amounts is reached, whereupon the person'scredit card may not be authorized and/or may be deauthorized.

The system 1500 may also include functionality related to a first personassigning one or more permissions to use the financial account device1501 to a second person and/or one or more other people. In such anexample, an electronic device (such as the financial account device1501, the identity system device 1502, the enabling device 1503, thepayment accepting device 1531, and so on) may receive a first digitalrepresentation of a biometric for a first person along with at least onepermission to assign regarding the financial account device 1501. The atleast one permission may be assigned to a second person. The electronicdevice may determine whether or not to authorize use of the financialaccount device 1501 when a second digital representation of a biometricfor the second person is received.

For example, the electronic device may include a non-transitory storagemedium that stores instructions, at least one biometric reader device,at least one communication unit, and a processor. The processor mayexecute the instructions to communicate with the financial accountdevice 1501 using the at least one communication unit; receive a firstdigital representation of a biometric for a first person using the atleast one biometric reader device; receive at least one permission fromthe first person to assign regarding the financial account device 1501;receive a second digital representation of a biometric for a secondperson using the at least one biometric reader device; obtain identityinformation from the identity system device 1502, via the at least onecommunication unit, using the second digital representation of thebiometric for the second person; and determine whether to transmit anauthorization signal to the financial account device 1501 using the atleast one communication unit based on the identity information and theat least one permission wherein the authorization signal enables use ofthe financial account device 1501 in at least one transaction involvingat least one financial account.

By way of illustration, a parent may specify that a child may use theparent's debit card to purchase food items at a specific grocery storebetween the hours of 4:00 PM and 5:00 PM. This may allow the child touse the parent's debit card to buy a snack at the grocery store on thechild's way home from school without enabling the child to purchaseother items and/or otherwise use the parent's debit card.

By way of another illustration, an elderly parent may desire assistanceof a supervising child in monitoring use of his credit card. The elderlyparent may specify that he can approve his own use of his credit cardfor groceries, gasoline, or similar routine expenses. However, theelderly parent may specify that payments over $1000 and/or tocontractors require approval of his supervising child in order to assistthe elderly parent in combatting fraud. Upon the elderly parentattempting to use his credit card for such a restricted transaction, thesupervising child may be required to provide his biometric and/orcontacted to obtain his biometric in order to approve the transaction.In other cases, approval may be specified for any person who has a powerof attorney or similar supervisory role for the elderly parent or otherperson, and the system 1500 may record and/or track the identities ofpeople who have such powers of attorney and/or similar supervisory rolesfor one or more other identities of other people. Various configurationsare possible and contemplated without departing from the scope of thepresent disclosure.

The system 1500 may also include functionality related to interactingwith one or more fraud detection and/or similar services associated withone or more financial accounts. For example, the system 1500 mayincrease verification measures in response to a fraud detection servicecommunicating a monitored increased fraud risk, such as requiring abiometric until informed of the monitored increased fraud risk and thenrequiring a biometric and confirmation via message delivered to anassociated mobile computing device. By way of another example, thesystem 1500 may decrease verification measures in response to a frauddetection service communicating a monitored decreased fraud risk, suchrequiring a biometric and confirmation via message delivered to anassociated mobile computing device until informed of the monitoreddecreased fraud risk and then requiring a biometric without theconfirmation via message delivered to the associated mobile computingdevice.

In some situations, the system 1500 may communicate with the frauddetection and/or similar service to change the monitored fraud risk. Forexample, use of biometric verification may be communicated to the frauddetection and/or similar service to decrease the monitored fraud risk.By way of another example, facial distress and possible other partieswho may be coercing participating in a transaction may be communicatedto the fraud detection and/or similar service to increase the monitoredfraud risk. In some examples, techniques may be used to contact a personsuspected to be coerced to determine if this is the case, such as amessage transmitted to an associated electronic device prompting theperson to blink twice in order to summon law enforcement. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

The financial account device 1501, the identity system device 1502, theenabling device 1503, and/or the payment accepting device 1531 may eachbe any kind of device. Examples of such devices include, but are notlimited to, one or more desktop computing devices, laptop computingdevices, mobile computing devices, wearable devices, tablet computingdevices, mobile telephones, smart phones, printers, displays, vehicles,kitchen appliances, vaporizers, entertainment system devices, digitalmedia players, smart houses or other smart buildings, and so on. Thefinancial account device 1501, the identity system device 1502, theenabling device 1503, and/or the payment accepting device 1531 may eachinclude one or more controllers and/or other processors and/orprocessing units, one or more non-transitory storage media (which maytake the form of, but is not limited to, a magnetic storage medium;optical storage medium; magneto-optical storage medium; read onlymemory; random access memory; erasable programmable memory; flashmemory; and so on), one or more communication units, one or morebiometric reader devices (such as a fingerprint scanner, an opticalfingerprint scanner, a phosphorescent fingerprint scanner, a palmscanner, a vein scanner, a time-of-flight sensor, a camera, an imagesensor, a saliva sensor, a deoxyribonucleic acid sensor, a heart rhythmmonitor, a microphone, and so on) that are operable to obtain one ormore digital representations of one or more biometrics (such as a hashand/or other digital representation of a fingerprint, a voiceprint, afacial image, a retina image, an iris image, a deoxyribonucleic acidsequence, a heart rhythm, a gait, a palm scan, a vein scan, and so on),one or more batteries and/or other power components, and/or one or moreother components (such as one or more input/output components, buttons,sensors, and so on). The controller may execute one or more sets ofinstructions stored in the non-transitory storage media to performvarious functions.

For example, an electronic device (such as one or more of the financialaccount device 1501, the enabling device 1503, and/or the paymentaccepting device 1531) may be operable to receive identificationinformation, such as one or more hashes and/or other digitalrepresentations of one or more biometrics, one or more account logins,one or more passwords, and so on. The electronic device may transmit theidentification information directly and/or indirectly to the identitysystem device 1502. The identity system device 1502 may determinewhether the identification information is associated with storedidentity information (such as one or more names, addresses, phonenumbers, social security numbers, credit card and/or other financialinformation, payment records, purchase and/or other behavior records,age and/or verified age, driver's license and/or other identification orauthorization information, vehicle rental contract information,insurance verification, and so on). If so, the identity system device1502 may return and/or otherwise allow access to associated identityinformation and/or one or more attestations regarding such directlyand/or indirectly to the electronic device (such as a name of a person,as one or more permissions related to the use of a financial accountassociated with the financial account device 1501, and so on). Theelectronic device may use the identity information and/or attestationregarding such to authorize and/or deny and/or otherwise restrict use ofthe financial account device 1501.

In various embodiments, the electronic device may reobtain theidentification information and/or the identity information and/orattestation each time use of the financial account device 1501 and/orthe electronic device is attempted. If the electronic device is not ableto reobtain the identification information and/or the identityinformation and/or attestation, the electronic device may deauthorizeoperation. This may prevent and/or otherwise restrict a person fromproviding the identification information to authorize use of thefinancial account device 1501 and then providing the electronic deviceor financial account device 1501 to another person. In otherembodiments, the electronic device may reobtain the identificationinformation and/or the identity information and/or attestation upon theoccurrence of a condition, such as movement of the electronic deviceand/or the financial account device 1501, alteration of the electronicdevice and/or the financial account device 1501, expiration of a timeperiod (such as ten minutes, one day, and so on), interruption of acommunication connection between the electronic device and anotherdevice (such as the identity system device 1502, the financial accountdevice 1501, and so on), receipt of a deauthorization signal, travel ofthe electronic device away from the financial account device 1501 and/orvice versa, and so on. This may balance fraud prevention andfunctionality with minimized network communication, efficient operation,and so on.

Although the system 1500 is illustrated and described in the context ofaccepting payments, it is understood that this is an example and thatother contexts are possible and contemplated. Similar techniques may beused in the context of receiving payments, providing payments, and soon. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

For example, the payment accepting device 1531 is described as a paymentaccepting device 1531. However, it is understood that this is anexample. In other implementations, the payment accepting device 1531 maybe a payment receiving device, a payment providing device, and/or adevice that performs one or more other roles. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure.

FIG. 16 depicts a flow chart illustrating a first example method 1600for authorizing a mobile identity information controlled financialaccount device. This method 1600 may be performed by one or more of thesystems 1500, 1800-2200 of FIGS. 15 and 18-22B.

At operation 1610, an electronic device (such as one or more of thefinancial account devices 1501, 1801-2201 and/or the enabling devices1503, 1903, 2103, 2203A, 2203B of FIGS. 15 and 18-22B) may receive atleast one digital representation of a biometric. For example, theelectronic device may receive one or more digital representations of oneor more biometrics (such as a hash and/or other digital representationof a fingerprint, a voiceprint, a facial image, a retina image, an irisimage, a deoxyribonucleic acid sequence, a heart rhythm, a gait, a palmscan, a vein scan, and so on) obtained using one or more biometricreader devices (such as a fingerprint scanner, an optical fingerprintscanner, a phosphorescent fingerprint scanner, a palm scanner, a veinscanner, a time-of-flight sensor, a camera, an image sensor, a salivasensor, a deoxyribonucleic acid sensor, a heart rhythm monitor, amicrophone, and so on).

At operation 1620, the electronic device may obtain identityinformation. For example, the electronic device may provide the at leastone digital representation of the biometric to one or more identitysystem devices (such as the identity system device 1502 of FIG. 15 ) andreceive the identity information in return based upon the one or moreidentity system devices determining a correspondence between the atleast one digital representation of the biometric and stored biometricdata associated with the identity information.

At operation 1630, the electronic device may determine whether or not toauthorize use of a financial account device for one or more transactionsinvolving one or more financial accounts. Determining whether or not toauthorize use of the financial account device for the one or moretransactions involving the one or more financial accounts may involveevaluating the identity information, transaction information, one ormore transaction restrictions specified in one or more permissions thatlimit use to transactions having specific characteristics, a currenttime, a current location, one or permissions (such as one or morepermissions associated with the identity information, the one or morefinancial accounts, the financial account devices, the one or moretransactions, and so on).

If so, the flow may proceed to operation 1640 where the electronicdevice may allow use of the financial account device for the one or moretransactions involving the one or more financial accounts. In someexamples, the electronic device allowing use of the financial accountdevice for the one or more transactions involving the one or morefinancial accounts may involve transmitting an authorization signal tothe financial account device. In various examples, the electronic deviceallowing use of the financial account device for the one or moretransactions involving the one or more financial accounts may involveproviding the financial account device an authorization indicationand/or other authorization token, such as an authorization tokenprovided by an identity system device that the financial account devicemay provide to a payment accepting device. Such an authorization tokenmay be encrypted with a private key of a public/private key pair that isassociated with the identity system device in order to enable thepayment accepting device or other device to verify the authorizationtoken by decrypting the authorization token using the public key of thepublic/private key pair. Otherwise, the flow may proceed to operation1650 where the electronic device may deny use of the financial accountdevice for the one or more transactions involving the one or morefinancial accounts.

In various examples, this example method 1600 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as one or more of the financial account devices 1501,1801-2201 and/or the enabling devices 1503, 1903, 2103, 2203A, 2203B ofFIGS. 15 and 18-22B.

Although the example method 1600 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 1600 is illustrated and described as authorizingthe use of the financial account device for the one or more transactionsinvolving the one or more financial accounts. However, it is understoodthat this is an example. In various implementations, the method 1600 maybe performed by the financial account device itself. Alternatively, in anumber of implementations, the method 1600 may authorize the use of oneor more financial accounts without involvement of any kind of financialaccount device. Various configurations are possible and contemplatedwithout departing from the scope of the present disclosure.

FIG. 17 depicts a flow chart illustrating a second example method 1700for authorizing a mobile identity information controlled financialaccount device. This method 1700 may be performed by one or more of thesystems 1500, 1800-2200 of FIGS. 15 and 18-22B.

At operation 1710, an electronic device (such as one or more of thefinancial account devices 1501, 1801-2201 and/or the enabling devices1503, 1903, 2103, 2203A, 2203B of FIGS. 15 and 18-22B) may receive afirst digital representation of a biometric for a first person. Theelectronic device may also receive a request to assign one or morepermissions related to use of one or more financial accounts and/orfinancial account devices. For example, the electronic device mayreceive a first digital representation of a biometric for a first person(such as a hash and/or other digital representation of a fingerprint, avoiceprint, a facial image, a retina image, an iris image, adeoxyribonucleic acid sequence, a heart rhythm, a gait, a palm scan, avein scan, and so on) obtained using one or more biometric readerdevices (such as a fingerprint scanner, an optical fingerprint scanner,a phosphorescent fingerprint scanner, a palm scanner, a vein scanner, atime-of-flight sensor, a camera, an image sensor, a saliva sensor, adeoxyribonucleic acid sensor, a heart rhythm monitor, a microphone, andso on).

At operation 1720, the electronic device may obtain first identityinformation associated with the first person. For example, theelectronic device may provide the first digital representation of thebiometric for the first person to one or more identity system devices(such as the identity system device 1502 of FIG. 15 ) and receive thefirst identity information in return based upon the one or more identitysystem devices determining a correspondence between the first digitalrepresentation of the biometric for the first person and storedbiometric data associated with the first identity information.

At operation 1730, the electronic device may determine whether the firstidentity information indicates that the first person is authorized toassign one or more requested permissions related to use of the one ormore financial accounts and/or the one or more financial accountdevices. If so, the flow may proceed to operation 1740 where theelectronic device allows the one or more requested permissions relatedto use of the one or more financial accounts and/or the one or morefinancial account devices to be assigned. This may involve transmittingthe one or more requested permissions related to use of the one or morefinancial accounts and/or the one or more financial account devices toone or more identity system devices (such as the identity system device1502 of FIG. 15 ) to be recorded in one or more sets of stored identityinformation. Otherwise, the flow may proceed to operation 1750 where theelectronic device may deny the request to assign the one or morerequested permissions related to use of the one or more financialaccounts and/or the one or more financial account devices.

At operation 1760, the electronic device may receive a second digitalrepresentation of a biometric for a second person. For example, theelectronic device may receive a second digital representation of abiometric for a second person obtained using one or more biometricreader devices.

At operation 1770, the electronic device may obtain second identityinformation associated with the second person. For example, theelectronic device may provide the second digital representation of thebiometric for the second person to one or more identity system devices(such as the identity system device 1502 of FIG. 15 ) and receive thesecond identity information in return based upon the one or moreidentity system devices determining a correspondence between the seconddigital representation of the biometric for the second person and storedbiometric data associated with the second identity information.

At operation 1780, the electronic device may determine whether or not toauthorize use of a financial account device for one or more transactionsinvolving one or more financial accounts. Determining whether or not toauthorize use of the financial account device for the one or moretransactions involving the one or more financial accounts may involveevaluating the second identity information, the first identityinformation, transaction information, one or more transactionrestrictions specified in one or more permissions that limit use totransactions having specific characteristics, a current time, a currentlocation, one or more permissions (such as one or more permissionsassociated with the first identity information, one or more permissionsassociated with the second identity information, the one or morefinancial accounts, the financial account devices, the one or moretransactions, and so on).

If so, the flow may proceed to operation 1790 where the electronicdevice may allow use of the financial account device for the one or moretransactions involving the one or more financial accounts. In someexamples, the electronic device allowing use of the financial accountdevice for the one or more transactions involving the one or morefinancial accounts may involve transmitting an authorization signal tothe financial account device. Otherwise, the flow may proceed tooperation 1750 where the electronic device may deny use of the financialaccount device for the one or more transactions involving the one ormore financial accounts.

In various examples, this example method 1700 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as one or more of the financial account devices 1501,1801-2201 and/or the enabling devices 1503, 1903, 2103, 2203A, 2203B ofFIGS. 15 and 18-22B.

Although the example method 1700 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 1700 is illustrated and described as involving afirst person assigning one or more permissions to a second person.However, it is understood that this is an example. In variousimplementations, a person may assign one or more permissions to himself,remove one or more existing permissions, assign one or more permissionsto multiple people, and so on. Further, in a number of examples,different devices may be involved with assignment of permissions andauthorization of use. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

FIG. 18 depicts a second example system 1800 for authorizing a mobileidentity information controlled financial account device. The system1800 may include a person 1830 using a financial account device 1801that includes a biometric reader device 1811. In this example, thefinancial account device 1801 is a smart phone and the biometric readerdevice 1811 may be a time-of flight sensor or other image sensor, suchas a camera. Further in this example, the smart phone may also serve thefunction of a payment accepting device as the smart phone may implementa web browser that is operable to accept a payment via one or morefinancial accounts associated with the person 1830 and/or the smartphone. The smart phone may use the biometric reader device 1811 toobtain a facial image of the person 1830, use a digital representationof the facial image to obtain identity information for the person 1830,and determine whether or not to authorize use of the smart phone for oneor more transactions via the web browser involving the one or morefinancial accounts. However, it is understood that this is an example.Various configurations are possible and contemplated without departingfrom the scope of the present disclosure.

FIG. 19 depicts a third example system 1900 for authorizing a mobileidentity information controlled financial account device. The system1900 may include a person 1930 using a financial account device 1901that is a smart credit card associated with one or more financialaccounts. The system 1900 may also include an enabling device 1903 thatincludes a biometric reader device 1911. In this example, the enablingdevice 1903 may be a smart phone and the biometric reader device 1911may be a time-of flight sensor or other image sensor, such as a camera.Further in this example, the system 1900 may include a payment acceptingdevice 1931 that is a magnetic strip scanner on a point of sale device.The smart phone may use the biometric reader device 1911 to obtain afacial image of the person 1930, use a digital representation of thefacial image to obtain identity information for the person 1930, anddetermine whether or not to authorize use of the smart credit card forone or more transactions via the magnetic strip scanner on the point ofsale device involving the one or more financial accounts. However, it isunderstood that this is an example. Various configurations are possibleand contemplated without departing from the scope of the presentdisclosure.

FIG. 20 depicts a fourth example system 2000 for authorizing a mobileidentity information controlled financial account device. The system2000 may include a person 2030 using a financial account device 2001that includes a biometric reader device 2011. In this example, thefinancial account device 2001 is a point of sale device and thebiometric reader device 2011 may be a biometric scanner (such as afingerprint scanner, a palm scanner, a vein scanner, and so on). Furtherin this example, the point of sale device may also serve the function ofa payment accepting device as the point of sale device may be operableto accept payments for one or more transactions associated with one ormore financial accounts. The point of sale device may use the biometricreader device 2011 to obtain a scan of a biometric from the person 2030,use a digital representation of the scan of the biometric to obtainidentity information for the person 2030, and determine whether or notto authorize use of the point of sale device for one or moretransactions involving the one or more financial accounts. However, itis understood that this is an example. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure.

The system 2000 is illustrated as a register point of sale device withan integrated biometric reader device 2011. However, it is understoodthat this is an example. In other implementations, the point of saledevice may be an electronic device, such as a tablet computing device,that connects to a credit card reader device (such as is provided bySquare™) with an incorporated biometric reader device 2011. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

FIG. 21 depicts a fifth example system 2100 for authorizing a mobileidentity information controlled financial account device. The system2100 may include a person 2130 using a financial account device 2101that is a smart card associated with one or more financial accounts andincluding a biometric reader device 2111 that is a fingerprint sensor.The system 2100 may also include an enabling device 2103 that is a smartphone and a payment accepting device 2131 that is a magnetic stripscanner on a point of sale device. The smart card may use thefingerprint sensor to obtain fingerprint data for the person 2130 andtransmit a digital representation thereof to the smart phone. The smartphone may use the digital representation of the fingerprint data toobtain identity information for the person 2130 and determine whether ornot to authorize use of the smart card for one or more transactions viathe magnetic strip scanner on the point of sale device involving the oneor more financial accounts. However, it is understood that this is anexample. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

FIG. 22A depicts a sixth example system 2200 for authorizing a mobileidentity information controlled financial account device. The system2200 may include a first person 2230A using a financial account device2201 that is a smart credit card associated with one or more financialaccounts and a first enabling device 2203A that is a smart phone with afirst biometric reader device 2211A that is a first time-of flightsensor or other image sensor, such as a camera. The first person 2230Amay use the first smart phone to assign one or more permissionsregarding use of the smart credit card and/or the one or more financialaccounts to a second person 2230B. This may enable the second person2230B to use the smart credit card and/or the one or more financialaccounts for one or more transactions via a payment accepting device2231 that is a magnetic strip scanner on a point of sale device. Asshown, the second person 2230B may be using a second enabling device2203B that may be a tablet computing device with a second biometricreader device 2211B that is a second time-of flight sensor or otherimage sensor, such as a camera.

The first person 2230A may use the smart phone and the firsttime-of-flight sensor to obtain a first facial image of the first person2230A and specify one or more permissions regarding use of the smartcredit card and/or the one or more financial accounts to assign to thesecond person 2230B. The smart phone may use a digital representation ofthe first facial image to obtain first identity information for thefirst person 2230A and determine whether or not the first person 2230Ais authorized to assign the one or more permissions regarding use of thesmart credit card and/or the one or more financial accounts to thesecond person 2230B. If so, the one or more permissions regarding use ofthe smart credit card and/or the one or more financial accounts may beassigned to the second person 2230B.

Subsequently, as shown in FIG. 22B, the second person 2230B may attemptto accept authorization to use the smart credit card. The second person2230B may use the tablet computing device and second time-of-flightsensor to obtain a second facial image of the second person 2230B andaccept the assigned one or more permissions regarding use of the smartcredit card and/or the one or more financial accounts. In some examples,the tablet computing device may be contacted by another device, such asthe smart phone, to obtain the second facial image of the second person.The tablet computing device may use a digital representation of thesecond facial image to obtain second identity information for the secondperson 2230B and determine to authorize use of the smart credit cardand/or the one or more financial accounts for the second person 2230Bvia the magnetic strip reader of the point of sale device based on thesecond identity information and the one or more permissions regardinguse of the smart credit card and/or the one or more financial accounts.However, it is understood that this is an example. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

By way of illustration, FIGS. 22A and 22B illustrate the first person2230A and the second person 2230B using different enabling devices2203A, 2203B and different biometric reader devices 2211A, 2211B.However, it is understood that this is an example. In otherimplementations, a single device may be used instead of the differentenabling devices 2203A, 2203B and/or the different biometric readerdevices 2211A, 2211B. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

In another example, multiple parties in a corporation may be authorizedto use a corporate credit card, but may be restricted from using thecorporate credit card when personally involved in a transaction. By wayof illustration, a person may be among a set of people authorized to usethe company credit card, but that use may be subject to approval byanother from the set when the person is being paid by the transaction,would obtain personal use of the subject of the transaction, and so on.For example, a first person may provide a first biometric when using thecorporate credit card and a second authorized person who is present mayalso be required to provide a second biometric if the first person ispersonally involved in the transaction. In another example, the secondauthorized person may not be present and instead an electronic deviceassociated with the second authorized person may be contacted to obtainthe second biometric from the second authorized person. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

In such scenarios, one or more copies of the corporate credit card maybe provided to various people in the corporation and each person'sindividual use of one or more of the copies of the corporate credit cardmay be controlled based on one or more sets of permissions according tothat person's role in the corporation. By way of illustration,travelling service technicians may be authorized to use a copy of thecorporate credit card for non-entertainment travel expenses, sales staffmay be authorized to use a copy of the corporate credit card fornon-entertainment travel expenses as well as entertainment expenses notexceeding $500, and so on. Further, such permissions may be updatedaccording to changes in roles, such as cancelling of all permissions fora person upon termination so that the person is no longer able to useany copy of the corporate credit card for any purpose.

In various implementations, a system for authorizing a mobile identityinformation controlled financial account device may include anon-transitory storage medium that stores instructions, a biometricreader device, at least one communication unit, and a processor. Theprocessor may execute the instructions to communicate with the mobileidentity information controlled financial account device using the atleast one communication unit; receive at least one digitalrepresentation of a biometric using the biometric reader device; obtainidentity information from an identity system device, via the at leastone communication unit, using the at least one digital representation ofthe biometric; and determine whether to transmit an authorization signalto the mobile identity information controlled financial account deviceusing the at least one communication unit based on the identityinformation wherein the authorization signal enables use of the mobileidentity information controlled financial account device in at least onetransaction involving at least one financial account.

In some examples, the at least one communication unit may be ashort-range communication unit and a long-range communication unit, theprocessor may communicate with the mobile identity informationcontrolled financial account device using the short-range communicationunit, and the processor may obtain the identity information from theidentity system device using the long-range communication unit. Invarious such examples, the short-range communication unit may be atleast one of a near-field communication unit, a Bluetooth communicationunit, or a Bluetooth Low Energy communication unit and the long-rangecommunication unit may be a WiFi communication unit or a cellularcommunication unit.

In a number of examples, the mobile identity information controlledfinancial account device may be configured to deauthorize afterreceiving the authorization signal if the communication between themobile identity information controlled financial account device and theat least one communication unit is interrupted. In some examples, theidentity information may include at least one permission and theprocessor may determine whether to transmit the authorization signalbased on the at least one permission. In a number of such examples, theat least one permission may restrict at least one of a transaction time,a transaction place, a transaction subject, a transaction amount, anaggregate transaction amount, or an aggregate number of transactions. Invarious examples, the processor may receive transaction information forthe at least one transaction and evaluate the transaction information indetermining whether to transmit the authorization signal.

In some implementations, a mobile identity information controlledfinancial account device may include a non-transitory storage mediumthat stores instructions, a communication unit operative to communicatewith an enabling device, and a controller. The controller may executethe instructions to obtain at least one digital representation of abiometric, transmit the at least one digital representation of thebiometric to the enabling device using the communication unit, anddetermine whether to authorize use of the mobile identity informationcontrolled financial account device in at least one transactioninvolving at least one financial account based on identity informationobtained by the enabling device from an identity system device using theat least one digital representation of the biometric.

In various examples, the controller may determine to authorize use ofthe mobile identity information controlled financial account device andtransmit an authorization indication to a payment accepting device forthe at least one transaction.

In some examples, the mobile identity information controlled financialaccount device may further include a biometric reader device that thecontroller may use to obtain the at least one digital representation ofthe biometric. In a number of such examples, the at least one digitalrepresentation of the biometric may be a first digital representation ofa biometric and the controller may be operative to receive a seconddigital representation of a biometric via the biometric reader deviceand deauthorize use of the mobile identity information controlledfinancial account device when the second digital representation of thebiometric mismatches the first digital representation of the biometric.In some such examples, the controller may attempt to reauthorize use ofthe mobile identity information controlled financial account device bytransmitting the second digital representation of the biometric to theenabling device using the communication unit.

In a number of examples, the controller may deauthorize operation of themobile identity information controlled financial account device uponinterruption of communication with the enabling device.

In various embodiments, a system for authorizing a mobile identityinformation controlled financial account device may include anon-transitory storage medium that stores instructions, at least onebiometric reader device, at least one communication unit, and aprocessor. The processor may execute the instructions to communicatewith the mobile identity information controlled financial account deviceusing the at least one communication unit; receive a first digitalrepresentation of a biometric for a first person using the at least onebiometric reader device; receive at least one permission from the firstperson to assign regarding the mobile identity information controlledfinancial account device; receive a second digital representation of abiometric for a second person using the at least one biometric readerdevice; obtain identity information from an identity system device, viathe at least one communication unit, using the second digitalrepresentation of the biometric for the second person; and determinewhether to transmit an authorization signal to the mobile identityinformation controlled financial account device using the at least onecommunication unit based on the identity information and the at leastone permission wherein the authorization signal enables use of themobile identity information controlled financial account device in atleast one transaction involving at least one financial account.

In some examples, the first digital representation of the biometric forthe first person and the second digital representation of the biometricfor the second person may be received from a same electronic device thatincludes the at least one biometric reader device.

In a number of examples, the first digital representation of thebiometric for the first person may be received from a first electronicdevice that includes a first biometric reader device and the seconddigital representation of the biometric for the second person may bereceived from a second electronic device that includes a secondbiometric reader device. In some such examples, the processor mayrequest the second digital representation of the biometric for thesecond person from the second electronic device upon receipt of the atleast one permission. In various such examples, the mobile identityinformation controlled financial account device may be configured todeauthorize after receiving the authorization signal upon interruptionof communication between the mobile identity information controlledfinancial account device and the at least one communication unit.

In some examples, the at least one permission may be temporary. Invarious examples, the at least one permission may specify transactionrestrictions.

Although the above illustrates and describes a number of embodiments, itis understood that these are examples. In various implementations,various techniques of individual embodiments may be combined withoutdeparting from the scope of the present disclosure.

As described above and illustrated in the accompanying figures, thepresent disclosure relates to authorizing a mobile identity informationcontrolled financial account device. A processing unit and a mobileidentity information controlled financial account device may communicatedirectly or indirectly. The processing unit may receive at least onedigital representation of a biometric (such as via a biometric readerdevice included in and/or separate from the mobile identity informationcontrolled financial account device), obtain identity information usingthe at least one digital representation of the biometric (such as via anidentity system device), and determine whether or not to transmit anauthorization signal to the mobile identity information controlledfinancial account device that enables use of the mobile identityinformation controlled financial account device in at least onetransaction involving at least one financial account (such as when themobile identity information controlled financial account device ispresented to a payment accepting device associated with the at least onetransaction). The mobile identity information controlled financialaccount device may be usable for the at least one transaction when themobile identity information controlled financial account device receivesthe authorization signal. The processing unit may also receive a firstdigital representation of a biometric for a first person along with atleast one permission to assign regarding the mobile identity informationcontrolled financial account device and then determine whether or not toauthorize use of the mobile identity information controlled financialaccount device when a second digital representation of a biometric for asecond person is received.

The present disclosure recognizes that biometric and/or other personaldata is owned by the person from whom such biometric and/or otherpersonal data is derived. This data can be used to the benefit of thosepeople. For example, biometric data may be used to conveniently andreliably identify and/or authenticate the identity of people, accesssecurely stored financial and/or other information associated with thebiometric data, and so on. This may allow people to avoid repeatedlyproviding physical identification and/or other information.

The present disclosure further recognizes that the entities who collect,analyze, store, and/or otherwise use such biometric and/or otherpersonal data should comply with well-established privacy policiesand/or privacy practices. Particularly, such entities should implementand consistently use privacy policies and practices that are generallyrecognized as meeting or exceeding industry or governmental requirementsfor maintaining security and privately maintaining biometric and/orother personal data, including the use of encryption and securitymethods that meets or exceeds industry or government standards. Forexample, biometric and/or other personal data should be collected forlegitimate and reasonable uses and not shared or sold outside of thoselegitimate uses. Further, such collection should occur only afterreceiving the informed consent. Additionally, such entities should takeany needed steps for safeguarding and securing access to such biometricand/or other personal data and ensuring that others with access to thebiometric and/or other personal data adhere to the same privacy policiesand practices. Further, such entities should certify their adherence towidely accepted privacy policies and practices by subjecting themselvesto appropriate third party evaluation.

Additionally, the present disclosure recognizes that people may blockthe use of, storage of, and/or access to biometric and/or other personaldata. Entities who typically collect, analyze, store, and/or otherwiseuse such biometric and/or other personal data should implement andconsistently prevent any collection, analysis, storage, and/or other useof any biometric and/or other personal data blocked by the person fromwhom such biometric and/or other personal data is derived.

In the present disclosure, the methods disclosed may be implemented assets of instructions or software readable by a device. Further, it isunderstood that the specific order or hierarchy of steps in the methodsdisclosed are examples of sample approaches. In other embodiments, thespecific order or hierarchy of steps in the method can be rearrangedwhile remaining within the disclosed subject matter. The accompanyingmethod claims present elements of the various steps in a sample order,and are not necessarily meant to be limited to the specific order orhierarchy presented.

The described disclosure may be provided as a computer program product,or software, that may include a non-transitory machine-readable mediumhaving stored thereon instructions, which may be used to program acomputer system (or other electronic devices) to perform a processaccording to the present disclosure. A non-transitory machine-readablemedium includes any mechanism for storing information in a form (e.g.,software, processing application) readable by a machine (e.g., acomputer). The non-transitory machine-readable medium may take the formof, but is not limited to, a magnetic storage medium (e.g., floppydiskette, video cassette, and so on); optical storage medium (e.g.,CD-ROM); magneto-optical storage medium; read only memory (ROM); randomaccess memory (RAM); erasable programmable memory (e.g., EPROM andEEPROM); flash memory; and so on.

The foregoing description, for purposes of explanation, used specificnomenclature to provide a thorough understanding of the describedembodiments. However, it will be apparent to one skilled in the art thatthe specific details are not required in order to practice the describedembodiments. Thus, the foregoing descriptions of the specificembodiments described herein are presented for purposes of illustrationand description. They are not targeted to be exhaustive or to limit theembodiments to the precise forms disclosed. It will be apparent to oneof ordinary skill in the art that many modifications and variations arepossible in view of the above teachings.

What is claimed is:
 1. A system for authorizing a mobile identityinformation controlled device, comprising: an enabling device,comprising: a non-transitory storage medium that stores instructions; abiometric reader device; at least one communication unit; and aprocessor that executes the instructions to: communicate with the mobileidentity information controlled device using the at least onecommunication unit; receive at least one digital representation of abiometric using the biometric reader device; obtain identity informationfrom an identity system device, via the at least one communication unit,in response to transmitting the at least one digital representation ofthe biometric to the identity system device; and determine whether totransmit an authorization signal to the mobile identity informationcontrolled device using the at least one communication unit based on theidentity information.
 2. The system of claim 1, wherein the biometricreader device comprises at least one of a fingerprint scanner, anoptical fingerprint scanner, a phosphorescent fingerprint scanner, acamera, or an image sensor.
 3. The system of claim 1, wherein the mobileidentity information controlled device is configured to deauthorizeafter receiving the authorization signal if the communication betweenthe mobile identity information controlled device and the at least onecommunication unit is interrupted.
 4. The system of claim 1, wherein theprocessor determines to transmit the authorization signal to the mobileidentity information controlled device based on a verified age includedin the identity information.
 5. The system of claim 1, wherein themobile identity information controlled device comprises a vehicle or amedia player.
 6. The system of claim 1, wherein: the at least onecommunication unit comprises a short-range communication unit and along-range communication unit; the processor communicates with themobile identity information controlled device using the short-rangecommunication unit; and the processor obtains the identity informationfrom the identity system device using the long-range communication unit.7. The system of claim 6, wherein: the short-range communication unitcomprises at least one of a near-field communication unit, a Bluetoothcommunication unit, or a Bluetooth Low Energy communication unit; andthe long-range communication unit comprises a WiFi communication unit ora cellular communication unit.
 8. The system of claim 1, wherein the atleast one digital representation of the biometric comprises a digitalrepresentation of at least one of a fingerprint, a facial image, aretina image, or an iris image.
 9. A system, comprising: a mobileidentity information controlled device, comprising: a non-transitorystorage medium that stores instructions; a biometric reader device; acommunication unit operative to communicate with an enabling device; anda controller that executes the instructions to: receive at least onedigital representation of a biometric using the biometric reader device;transmit the at least one digital representation of the biometric to theenabling device using the communication unit; and determine whether toauthorize operation of the mobile identity information controlled devicebased on identity information obtained by the enabling device from anidentity system device in response to the enabling device transmittingthe at least one digital representation of the biometric to the identitysystem device.
 10. The system of claim 9, wherein the biometric readerdevice comprises at least one of a fingerprint scanner, an opticalfingerprint scanner, a phosphorescent fingerprint scanner, a camera, oran image sensor.
 11. The system of claim 9, wherein the at least onedigital representation of the biometric comprises a digitalrepresentation of at least one of a fingerprint, a voiceprint, a facialimage, a retina image, or an iris image.
 12. The system of claim 9,wherein the controller deauthorizes operation of the mobile identityinformation controlled device upon determining that communication withthe enabling device is interrupted.
 13. The system of claim 9, wherein:the at least one digital representation of the biometric comprises afirst biometric; and the controller is operative to: receive a secondbiometric via the biometric reader device; and deauthorize operation ofthe mobile identity information controlled device when the secondbiometric mismatches the first biometric.
 14. The system of claim 13,wherein the controller attempts to reauthorize operation of the mobileidentity information controlled device by transmitting the secondbiometric to the enabling device using the communication unit.
 15. Thesystem of claim 9, wherein the mobile identity information controlleddevice comprises a vehicle or a media player.
 16. The system of claim 9,wherein the communication unit comprises at least one of a near-fieldcommunication unit, a Bluetooth communication unit, or a Bluetooth LowEnergy communication unit.
 17. A system, comprising: a mobile identityinformation controlled device, comprising: a non-transitory storagemedium that stores instructions; a biometric reader device; acommunication unit; and a controller that executes the instructions to:receive at least one digital representation of a biometric using thebiometric reader device; obtain identity information from an identitysystem device, via the communication unit, in response to transmittingthe at least one digital representation of the biometric to the identitysystem device; and determine whether to authorize operation of themobile identity information controlled device based on a verified ageincluded in the identity information.
 18. The system of claim 17,wherein the mobile identity information controlled device comprises avehicle or a media player.
 19. The system of claim 17, wherein thebiometric reader device comprises at least one of a fingerprint scanner,an optical fingerprint scanner, a phosphorescent fingerprint scanner, acamera, or an image sensor.
 20. The system of claim 17, wherein the atleast one digital representation of the biometric comprises a digitalrepresentation of at least one of a fingerprint, a facial image, aretina image, or an iris image.